From: Joshua Watt <jpewhacker@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: Joshua Watt <JPEWhacker@gmail.com>
Subject: [OE-core][PATCH 2/5] spdx: Reformat
Date: Tue, 9 Jun 2026 16:15:53 -0600 [thread overview]
Message-ID: <20260609222331.1293007-3-JPEWhacker@gmail.com> (raw)
In-Reply-To: <20260609222331.1293007-1-JPEWhacker@gmail.com>
Reformats SPDX files with black
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
---
meta/lib/oe/sbom30.py | 6 +--
meta/lib/oe/spdx30_tasks.py | 76 ++++++++++++++++++++-----------------
2 files changed, 44 insertions(+), 38 deletions(-)
diff --git a/meta/lib/oe/sbom30.py b/meta/lib/oe/sbom30.py
index b379ff947c..0926266295 100644
--- a/meta/lib/oe/sbom30.py
+++ b/meta/lib/oe/sbom30.py
@@ -712,7 +712,7 @@ class ObjectSet(oe.spdx30.SHACLObjectSet):
return self.add(v)
def new_vex_patched_relationship(self, from_, to, notes: None):
- props = {'security_statusNotes': notes} if notes else {}
+ props = {"security_statusNotes": notes} if notes else {}
return self._new_relationship(
oe.spdx30.security_VexFixedVulnAssessmentRelationship,
from_,
@@ -724,7 +724,7 @@ class ObjectSet(oe.spdx30.SHACLObjectSet):
)
def new_vex_unpatched_relationship(self, from_, to, notes: None):
- props = {'security_statusNotes': notes} if notes else {}
+ props = {"security_statusNotes": notes} if notes else {}
return self._new_relationship(
oe.spdx30.security_VexAffectedVulnAssessmentRelationship,
from_,
@@ -737,7 +737,7 @@ class ObjectSet(oe.spdx30.SHACLObjectSet):
)
def new_vex_ignored_relationship(self, from_, to, *, impact_statement, notes: None):
- props = {'security_statusNotes': notes} if notes else {}
+ props = {"security_statusNotes": notes} if notes else {}
return self._new_relationship(
oe.spdx30.security_VexNotAffectedVulnAssessmentRelationship,
from_,
diff --git a/meta/lib/oe/spdx30_tasks.py b/meta/lib/oe/spdx30_tasks.py
index 7cc46d579b..72d17aade6 100644
--- a/meta/lib/oe/spdx30_tasks.py
+++ b/meta/lib/oe/spdx30_tasks.py
@@ -382,7 +382,6 @@ def collect_dep_sources(dep_objsets, dest):
index_sources_by_hash(e.to, dest)
-
def _generate_git_purl(d, download_location, srcrev):
"""Generate a Package URL for a Git source from its download location.
@@ -392,27 +391,29 @@ def _generate_git_purl(d, download_location, srcrev):
Returns the PURL string or None if no mapping matches.
"""
- if not download_location or not download_location.startswith('git+'):
+ if not download_location or not download_location.startswith("git+"):
return None
git_url = download_location[4:] # Remove 'git+' prefix
# Default handler: github.com
git_purl_handlers = {
- 'github.com': 'pkg:github',
+ "github.com": "pkg:github",
}
# Custom PURL mappings from SPDX_GIT_PURL_MAPPINGS
# Format: "domain1:purl_type1 domain2:purl_type2"
- custom_mappings = d.getVar('SPDX_GIT_PURL_MAPPINGS')
+ custom_mappings = d.getVar("SPDX_GIT_PURL_MAPPINGS")
if custom_mappings:
for mapping in custom_mappings.split():
- parts = mapping.split(':', 1)
+ parts = mapping.split(":", 1)
if len(parts) == 2:
git_purl_handlers[parts[0]] = parts[1]
bb.debug(2, f"Added custom Git PURL mapping: {parts[0]} -> {parts[1]}")
else:
- bb.warn(f"Invalid SPDX_GIT_PURL_MAPPINGS entry: {mapping} (expected format: domain:purl_type)")
+ bb.warn(
+ f"Invalid SPDX_GIT_PURL_MAPPINGS entry: {mapping} (expected format: domain:purl_type)"
+ )
try:
parsed = urllib.parse.urlparse(git_url)
@@ -425,11 +426,11 @@ def _generate_git_purl(d, download_location, srcrev):
for domain, purl_type in git_purl_handlers.items():
if hostname == domain:
- path = parsed.path.strip('/')
- path_parts = path.split('/')
+ path = parsed.path.strip("/")
+ path_parts = path.split("/")
if len(path_parts) >= 2:
owner = path_parts[0]
- repo = path_parts[1].replace('.git', '')
+ repo = path_parts[1].replace(".git", "")
return f"{purl_type}/{owner}/{repo}@{srcrev}"
break
@@ -448,12 +449,12 @@ def _enrich_source_package(d, dl, fd, file_name, primary_purpose):
if fd.type == "git":
# Use full SHA-1 from fd.revision
- srcrev = getattr(fd, 'revision', None)
- if srcrev and srcrev not in {'${AUTOREV}', 'AUTOINC', 'INVALID'}:
+ srcrev = getattr(fd, "revision", None)
+ if srcrev and srcrev not in {"${AUTOREV}", "AUTOINC", "INVALID"}:
version = srcrev
# Generate PURL for Git hosting services
- download_location = getattr(dl, 'software_downloadLocation', None)
+ download_location = getattr(dl, "software_downloadLocation", None)
if version and download_location:
purl = _generate_git_purl(d, download_location, version)
@@ -464,12 +465,12 @@ def _enrich_source_package(d, dl, fd, file_name, primary_purpose):
dl.software_packageUrl = purl
# Add VCS external reference for Git repositories
- download_location = getattr(dl, 'software_downloadLocation', None)
+ download_location = getattr(dl, "software_downloadLocation", None)
if download_location and isinstance(download_location, str):
- if download_location.startswith('git+'):
+ if download_location.startswith("git+"):
git_url = download_location[4:]
- if '@' in git_url:
- git_url = git_url.split('@')[0]
+ if "@" in git_url:
+ git_url = git_url.split("@")[0]
dl.externalRef = dl.externalRef or []
dl.externalRef.append(
@@ -480,7 +481,6 @@ def _enrich_source_package(d, dl, fd, file_name, primary_purpose):
)
-
def add_download_files(d, objset):
inputs = set()
@@ -726,8 +726,9 @@ def create_recipe_spdx(d):
if status == "Patched":
spdx_vex = recipe_objset.new_vex_patched_relationship(
- [spdx_cve_id], [recipe],
- notes=": ".join(v for v in (detail, description) if v)
+ [spdx_cve_id],
+ [recipe],
+ notes=": ".join(v for v in (detail, description) if v),
)
patches = []
for idx, filepath in enumerate(resources):
@@ -753,8 +754,9 @@ def create_recipe_spdx(d):
elif status == "Unpatched":
recipe_objset.new_vex_unpatched_relationship(
- [spdx_cve_id], [recipe],
- notes=": ".join(v for v in (detail, description) if v)
+ [spdx_cve_id],
+ [recipe],
+ notes=": ".join(v for v in (detail, description) if v),
)
elif status == "Ignored":
spdx_vex = recipe_objset.new_vex_ignored_relationship(
@@ -1060,7 +1062,11 @@ def create_spdx(d):
if include_sources:
debug_sources |= get_package_sources_from_debug(
- d, package, package_files, dep_sources, source_hash_cache,
+ d,
+ package,
+ package_files,
+ dep_sources,
+ source_hash_cache,
excluded_files=excluded_files,
)
@@ -1185,7 +1191,7 @@ def create_package_spdx(d):
if dep not in providers:
continue
- (dep, _) = providers[dep]
+ dep, _ = providers[dep]
if not oe.packagedata.packaged(dep, localdata):
continue
@@ -1455,17 +1461,17 @@ def create_image_spdx(d):
image_path = image_deploy_dir / image_filename
if os.path.isdir(image_path):
a, _ = add_package_files(
- d,
- objset,
- image_path,
- lambda file_counter: objset.new_spdxid(
- "imagefile", str(file_counter)
- ),
- lambda filepath: [],
- license_data=None,
- ignore_dirs=[],
- ignore_top_level_dirs=[],
- archive=None,
+ d,
+ objset,
+ image_path,
+ lambda file_counter: objset.new_spdxid(
+ "imagefile", str(file_counter)
+ ),
+ lambda filepath: [],
+ license_data=None,
+ ignore_dirs=[],
+ ignore_top_level_dirs=[],
+ archive=None,
)
artifacts.extend(a)
else:
@@ -1482,7 +1488,7 @@ def create_image_spdx(d):
oe.spdx30.Hash(
algorithm=oe.spdx30.HashAlgorithm.sha512,
hashValue=bb.utils.sha512_file(image_path),
- )
+ ),
],
)
)
--
2.54.0
next prev parent reply other threads:[~2026-06-09 22:23 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-09 22:15 [OE-core][PATCH 0/5] Implement SPDX for deploy tasks Joshua Watt
2026-06-09 22:15 ` [OE-core][PATCH 1/5] classes/baremetal-image: Remove "do_" prefix from image manifest Joshua Watt
2026-06-09 22:15 ` Joshua Watt [this message]
2026-06-09 22:15 ` [OE-core][PATCH 3/5] spdx: Add ability for deploy tasks to create SPDX Joshua Watt
2026-06-09 22:15 ` [OE-core][PATCH 4/5] Add SPDX deploy tasks Joshua Watt
2026-06-09 22:31 ` Patchtest results for " patchtest
2026-06-10 6:17 ` Mikko Rapeli
2026-06-10 7:46 ` Richard Purdie
2026-06-09 22:15 ` [OE-core][PATCH 5/5] spdx: Replace do_create_image_spdx with deploy task Joshua Watt
2026-06-10 13:17 ` [OE-core][PATCH 0/5] Implement SPDX for deploy tasks Mathieu Dubois-Briand
2026-06-11 18:46 ` Joshua Watt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260609222331.1293007-3-JPEWhacker@gmail.com \
--to=jpewhacker@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox